HHS to provide more HIPAA guidance to covered entities

On the heels of concerns that many healthcare providers misunderstand HIPAA, the U.S. Department of Health & Human Services plans to offer guidance and technical assistance to covered entities and business associates with concerns about the recently updated omnibus rule, Health IT Security, reports.

In an email to the publication, Rachel Seeger, senior health information privacy outreach specialist for the Office for Civil Rights, clarified recent statements made by HHS attorney Iliana Peters, who said that HHS hopes to publish the materials on the OCR website soon.  

At a congressional hearing on Friday, several legislators raised concerns that HIPAA misinterpretations could hinder care to patients, MedPage Today reports. Specifically, Rep. Tim Murphy, a clinical psychologist, talked about one scenario in which doctors cited HIPAA as a reason for not talking with the family members of patients for whom they had concerns; the patients later took their own lives.

Rep. Phil Gingery (R-Ga.), meanwhile, wondered aloud if some doctors used HIPAA as an excuse to streamline their patient responsibilities.

"I wonder if some physicians don't hide behind HIPAA just to move onto the next patient, not wanting to be bothered with an aunt, or an uncle, or a cousin in regard to questions about their loved one," he said. "I hope that doesn't exist too much, but it's something we need to think about."

Recent HIPAA audits of provider and payer organizations conducted by contractor KPMG on behalf of the U.S. Department of Health & Human Services determined that many in the industry don't know which privacy regulations apply to them. An analysis of the audits by the HHS Office for Civil Rights unveiled last week found that out of 980 problems identified during 115 audits conducted last year, 289 (30 percent) were due to ignorance on the part of organizations.

To learn more:
- read the Health IT Security article
- here's the MedPage Today piece

Suggested Articles

Federal regulators have listened to physicians' complaints about health IT burdens and they have some solutions.

NRC Health was hit with a ransomware attack Feb. 11 and it still working to restore its systems and services.

Welcome to this week's Chutes & Ladders, our roundup of hirings, firings and retirings throughout the industry.